Join Us On LinkedIn

Virginia Gov. Ralph Northam (D) signed the Consumer Data Protection Act on Tuesday, making Virginia the second state in the U.S. to pass a comprehensive data privacy law. The bill will give consumers the right to opt out of having their personal data processed for targeted advertising and the right to confirm if their data […]
As the number of data breaches continue to rise, so too will the number of lawsuits filed. As CPW previously reported, the number of data breaches in 2020 was more than double that of 2019. One can only wonder what 2021 will bring. Yet with this increase in data breach litigation, a recent opinion within […]
A billing contractor, the Seattle-based Automatic Funds Transfer Services, was hit by a ransomware attack in early February. The DMV has worked with the organization since mid-2019 “to correct and verify vehicle registration addresses,” according to the department. KFSN in Fresno reports that the affected data includes 20 months’ worth of California vehicle registration records […]
Law firm Jones Day says hackers got their hands on confidential client data and firm communications when an outside vendor’s file transfer system was breached. Jones Day is the second major law firm in two weeks to have private data exposed as a result of a breach at Accellion, which provides file transfer and other […]
Against the backdrop of the disruptions associated with the Covid-19 pandemic and SolarWinds cyber-espionage campaign, NYDFS has released guidance for insurers that underwrite cyber insurance policies and which contains a number of provisions expected to impact companies applying for or renewing cyber insurance coverage, not the least of which is a specific recommendation that insurers […]
The Kroger Co. is advising customers of its pharmacy and Little Clinic of a data security breach in which patient names and personal information were accessed illegally, according to multiple media outlets. Source: National grocer advises customers of data breach affecting pharmacy
“We have over 100 gigabytes of data,” the hacker wrote in response to an email from the Journal. The hacker, in the Journal’s correspondence, said it first reached out to Jones Day management on Feb. 3 and informed the firm that its network had been hacked and that data had been stolen. As of Tuesday, […]
Cybersecurity Docket welcomes your nominations for our ‘IR 30’ for 2021 — the 30 best Incident Response legal and compliance professionals in the industry.
This article suggests that by following the ransomware due diligence checklist set forth below, a ransomware victim who opts to pay the ransom can in the least mitigate the chances of a U.S. civil enforcement action or criminal prosecution, and perhaps even avoid U.S. government scrutiny altogether. Source: (26) A Ransomware OFAC Due Diligence Checklist | LinkedIn
The Scottish Environment Protection Agency has said it “will not engage with criminals intent on disrupting public services and extorting public funds”, as it continues to deal with a ransomware attack that has been ongoing since Christmas Eve. Some of the information stolen from the environmental regulator has now been published online, but Police Scotland […]
President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defense officials and investigators as the US government works to recover from one of the biggest hacks of its agencies attributed to Russian spies. Source: Joe Biden enlists ‘world class’ cybersecurity team
“In the last year, experts are saying this is close to getting out of control,” said Martin. “You have to look seriously about changing the law on insurance and banning these payments, or at the very least, having a major consultation with the industry”. Source: Former UK Cybersecurity Chief Says Laws Needed to Stop Ransomware […]
Marriott recently won dismissal of a proposed class action data breach lawsuit alleging several violations, including a violation of the California Consumer Privacy Act (CCPA). The case, Arifur Rahman v. Marriott International, Inc. et al., Case No.: 8:20-cv-00654, was dismissed in an Order by U.S. District Court Judge David O. Carter on January 12, 2021. […]
Kroll, a division of Duff & Phelps, provider of risk mitigation, investigations, compliance, cyber resilience, security and incident response solutions, announced the hiring of three seasoned cyber experts in North America and two incident response investigators in Asia Pacific to fuel the expansion of its cyber risk management capabilities globally. Kroll’s recent hires in North America […]
Incident Response Forum Ransomware 2021 panelists offer their “One Big Thing” to take away from this year’s event.